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REMARKS 

The present response is intended to be fully responsive to all points of objection and/or 
rejection raised by the Examiner and is believed to place the application in condition for 
allowance. Favorable reconsideration and allowance of the application is respectfully 
requested. 

Applicants assert that the present invention is new, non-obvious and useful. Prompt 
consideration and allowance of the claims is respectfully requested. 

Status of Claims 
Claims 1-34 are pending in the application. 
Claims 1-34 have been rejected. 

Claims 1, 2, 6-13, 24, 29-31, and 33 have been amended in this submission. It is 
respectfully submitted that no new matter is added by these amendments. 

Telephone Interview 

Applicants are grateful to the Examiner for granting and conducting the telephone 
interview on August 30, 2011 with Applicants' representative, Guy Yonay, Reg. No. 52,388. 
During the interview, the priority issue and the Sweetchillisauce reference were discussed. 
The Examiner agreed that (at least) claim 1 as currently amended is supported by the original 
provisional application as filed. 

CLAIM REJECTIONS 

35 U.S.C. § 101 Rejection 

Applicants are grateful to the Examiner for withdrawing the rejection of claims 1-7, 
10, 14, 15, 17, 18, and 24-34 under 35 U.S.C. § 101. 



APPLICANT(S): 
SERIAL NO.: 
FILED: 
Page 8 



GOLAN, Lioretal. 

10/578,591 

July 9, 2007 



35 U.S.C. § 112 Rejection 

Applicants are grateful to the Examiner for withdrawing the rejection of claims 8, 23, 
and 30 under 35 U.S.C. § 112. 

The Examiner has not rejected claims 1, 24, and 32 under 35 U.S.C. § 112, second 
paragraph, as being indefinite. The Examiner as inquired whether by "responding" is meant 
that (1) the server automatically generates the response without human intervention, or (2) a 
human uses the server to manually generate and transmit the response, or (3) the response is 
generated by a client, forwarded to the mail server for sending to the contact point. 

The Examiner is referred to the specification, including para. [0031] of the application 
as published for further details. Moreover, it will be noted that in order to clarify the scope of 
the claims, Applicants have amended claims 1, 24, and 32. 



Priority Claim 

Applicants are grateful to the Examiner for acknowledging the priority claim based on 
U.S. Provisional Patent Application No. 60/517,858, filed Nov. 7, 2003. The Examiner has 
inquired about support for some of the pending claims. 

Preliminarily, it is noted that the Examiner has not objected to support in the 
provisional application for claims 2-4, 10, 14, 16, 19, and 25-26. 

Regarding claims 1, 24 and 32, the Examiner has inquired whether the clogging is 
done manually or by the server. Applicants respectfully submit that the provisional 
application discloses a system for automatically performing the steps involved. 

• The Detailed Description of the Invention states that "Phishing emails . . . will 
be blocked or otherwise dealt with, for example without reaching recipients' 
mailboxes ." (p. 5). 

• The description largely refers to the system performing various steps. On the 
contrary, when human intervention is required, it is specifically noted, e.g., 
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"Further rules, such as a second set of secondary rules, as well as potentially 
human review , may be applied. . ." (p. 5). 

• References to "Clogging" (pp. 7-8) are found together with other points that 
are clearly system-automated actions, e.g., blocking and alerting, which are 
typically performed on a mass scale, and cannot be performed manually in any 
commercial implementation of the invention. 

Applicants further note that the current amendments to claims 1, 24, and 32 are fully 
supported in the provisional patent application. For example, claim 1 has now been amended 
to recite: 

responding, by the server processor, to a contact point created by a 
party, the response including a set of details, the set of details 
including a set of false personal information, said false personal 
information including information associated with a false account; 

monitoring said false account for attempted access; and 

based on an attempt to access said false account, determining that said 
party is attempting to commit fraud. 

Support for this amended claim may be found, for example, at the portions of the 
provisional application, cited below, which disclose: 

An anti email-spam company that works with this method may set up 
numerous email accounts that do not belong to real people or entities, 
and lists them in public email guides. If an email gets to these 
addresses it can be either the result of a spam or an honest mistake. If 
the email reaches several addresses the chances of an honest mistake 
are slim. 



4. Clogging: For example, the Phishing website [] which tries to 
collect data from the Service Provider's customers, is filled with fake 
records of people, thus diluting the quality of data that the fraudsters 
obtain. 

5. Mark & Block: For example, the Phishing website to which tries to 
collect data from the Service Provider's customers, is filled with fake 
records of people. When the Service Provider detects that those "fake 
people" attempt to access the Service Provider's real website/ Service, 
it will be possible to identify the source of that attempt (using the 
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phony records) and to block any further attempts from that same 
source(e.g. IP, location etc), this way, when the fraudster will attempt 
to access the Service Provider's service using real valuable stolen data 
(and no the fake one sent to it) such usage will be blocked, including 
good details. 

6. Mark & Catch: For example, the Phishing website to which tries 
to collect data from the Service Provider's customers, is filled with 
fake records of people. When the Service Provider detects that these 
"fake people" attempt to enter the Service Provider's real website, the 
Service Provider can zero in and catch the fraudster 

Provisional patent application, pp. 7-8. 

The Examiner has also inquired about support in the provisional application for claims 
5-9, 11-13, 15, 17, 18, 20-23, 27-31, 33, and 34. At least with regard to claims 8, 23, 30, and 
33, the creation and use of a database including a set of false identities is inherent insofar as 
the system must keep track of false identities in order to monitory their use by scammers. In 
addition, the use of a database is disclosed at p. 8. 

Accordingly, the Examiner's objection to priority claim at least with respect to claims 
1, 8, 23, 24, 30, and 32 is overcome. Therefore, the provisional application provides support 
for at least claims 1-4, 8, 10, 14, 16, 19, 23-26, 30, 32, and 33. All other claims are supported 
at least as early as Nov. 8, 2004, in the PCT application. 



35 U.S.C. § 103 Rejections 

In the Office Action, the Examiner rejected claims 1-2, 5-13, 15, 18, 24, and 26-31 
under 35 U.S.C. § 103(a), as being unpatentable over Sweetchillisauce (NPL) in view of U.S. 
Pat. Pub. No. 2005/0257261 (Shraim). Applicant respectfully traverses the rejection for at 
least the reasons that follow. 

First, as discussed above, the provisional application, filed Nov. 7, 2003, provides 
support for at least claims 1-2, 8, 10, 24, 26, 30, 32, and 33. Therefore, the rejection of these 
claims over Shraim, filed May 2, 2004, is improper. As to rejected claims 5-7, 9, 11-13, 15, 
18, 27-29, and 31, Applicants traverse the rejection for the below reasons. 
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Applicants have thoroughly reviewed the Sweetchillisauce reference, including every 
item of correspondence between "Kris Kringle" and the Nigerian scammer "Stella Mike." 
While the rotund Mr. Kringle's joviality is highly entertaining - indeed, at times hilarious - 
the reference hardly discloses a systematic method of ferreting out Phishing scams. 

Indeed, the nature of the particular scam must be understood in order to appreciate the 
significant differences between the claimed invention and the Sweetchillisauce reference. 
Stella Mike writes that Kris Kingle's account is blocked, and that Mr. Kringle can buy certain 
software to unblock it. It must be understood that the (gender-ambiguously named) Ms. Mike 
does not actually want to access Mr. Kingle 's account . Therefore, when Kris Kringle writes 
that his account is at "St Nicholas Bank Limited, Christmas Hills Branch," Stella Mike has no 
intention of accessing this account. Ms. Mike makes money from Mr. Kingle's voluntarily 
purchasing the unlocking software for $3,500. To this end, Ms. Mike sends Mr. Kringle real 
bank account information, for Mr. Kringle to transfer the money into. In short, not only is the 
Sweetchillisauce reference is a prank correspondence, it does not even disclose a Phishin i; 
scam . 

In contrast, claim 1, as amended recites a method comprising: 

responding, by the server processor, to a contact point created by a 
party, the response including a set of details, the set of details 
including a set of false personal information, said false 
personal information including information associated with a 
false account; 

monitoring said false account for attempted access; and 
based on an attempt to access said false account, determining that 
said party is attempting to commit fraud. 
Therefore, the Sweetchillisauce reference does not disclose any of these method 
elements: (a) there is no responding by a server processor, because Mr. Kringle is operated by 
a human user (to great comical effect), (b) Mr. Kringle does not provide false personal 
information including information associated with a false account, (c) Mr. Kringle does not 
monitor a false account (for example, at St Nicholas Bank Limited, Christmas Hills Branch) 
for attempted access, and (d) Mr. Kringle does not determine whether Ms. Mike is attempting 
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to commit fraud, either because he doesn't care, or (more likely) because he has already 
determined from the start that this is a scam. 



The Examiner has considered that the Sweetchillisauce reference does not disclose 
responding by a server, but argued that modifying the Sweetchillisauce reference so that the 
responses are by a server would have been obvious "because doing so allows the process of 
NPL to be automated." (Office action, p. 9). With due respect, the Office action 
mischaracterizes the purpose of the Sweetchillisauce reference, which is merely to entertain. 
What exactly would be the point of an automated replacement of Mr. Kringle... to make 
automated jokes? That is, because the Sweetchillisauce reference does not disclose a 
utilitarian process, but one intended for entertainment alone, there would have been no reason 
to automate it. 

In any event, even it would have been obvious to automate the process, doing so 
would not have involved monitoring a false account for attempted access; and based on an 
attempt to access said false account, determining that said party is attempting to commit fraud, 
as now recited in amended claim 1. 

Accordingly, independent claims 1 and 24 are allowable over the Sweetchillisauce 
reference. Each of dependent claims 2, 5-13, 15, 18, and 26-31 depends, directly or 
indirectly, from independent claims 1 and 24 and includes all the features of the claim from 
which it depends as well as additional distinguishing features, and is therefore allowable. 



In addition, however, some of claims 2-3, 7, 9-13, 15, 26, 29 and 31 merit further 
discussion. 

Regarding claim 2, the Examiner stated that the Sweetchillisauce reference teaches 
responding a plurality of times, each response including a different set of details. Applicants 
have now chuckled and belly-laughed through every joke in the Sweetchillisauce reference, 
and have not found Mr. Kringle providing Ms. Mike with different sets of details, for 
example, different bank accounts. Indeed, it is Ms. Mike who provides Mr. Kingle with her 
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(real) bank account information for him to transfer funds into. That is, Ms. Mike is not 
attempting to access Mr. Kingle's bank account information. 

Regarding claims 11-13 and 31, to find the elements of responding using a plurality of 
Internet access points, a plurality of intermediate networks, a plurality of intermediate Internet 
service providers the Examiner pointed to Stella Mike generating multiple requests directed to 
multiple users, and that multiple users may respond independently. Applicants disagree with 
this reading of the claim, but in any event, even if there were a plurality of Sweetchillisause 
anti-pranksters (which itself is hard to believe), this would not entail a server processor 
automatically responding a plurality of times, but a plurality of users manually responding 
using a plurality of processors. 

Regarding claim 15, to find the element of "wherein the number of is in proportion to 
a size of an attack in response to which the responses are sent", the Examiner pointed to each 
response being generated in response to a scam request. Although the Examiner has 
hypothesized a plurality of Kris Kingles, responding to a respective plurality of requests by 
Stella Mike, the Sweetchillisauce reference does not disclose a server processor to generate a 
number of responses that is proportional to a size of an attack. 

Regarding claim 18, the Examiner wrote that the Sweetchillisauce reference and 
Shraim "collectively" teach that the timing mimics the behavior of automated client software. 
First, the Examiner does not seem to claim that the Sweetchillisauce reference discloses this 
element. Second, even if Shraim discloses this element, as discussed above, the Examiner has 
not made a prima facie case, because the Examiner has not addressed any motivation to 
combine Shraim with a harmless prank on an unsuspecting Nigerian scammer. 

In the Office Action, the Examiner rejected claims 3, 16 and 25 under 35 U.S.C. 
§ 103(a), as being unpatentable over Sweetchillisauce in view of Shraim, in further view of 
Applicant Admitted Prior Art (AAPA). First as discussed above, the provisional application 
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provides support for claims 3, 16, and 25, and therefore, the Shraim reference is inapplicable. 
Moreover, the Sweetchillisauce reference does not disclose every element of claim 1. 
Accordingly, claims 3, 16 and 25 are allowable over the combination of Sweetchillisauce, 
Shraim, and Applicant Admitted Prior Art, at least by reason of depending from an allowable 
base claim. 



In the Office Action, the Examiner rejected claim 14 under 35 U.S.C. § 103(a), as 
being unpatentable over Sweetchillisauce in view of U.S. Pat. Pub. No. 2006/0053490 
(Hertz). Applicant respectfully traverses the rejection for at least the reasons that follow. 

Primarily, Hertz can not cure the deficiencies of Sweetchillisauce discussed above. 
Accordingly, claim 14 which depends from allowable base claim 1 is allowable over the 
combination of Sweetchillisauce and Hertz. 

Hertz is directed to detecting, preventing, and repairing network intrusions. To find 
the element of "data in a response is marked, the method comprising monitoring an institution 
for the use of marked data in an attempted transaction", the Examiner pointed to paragraph 
[0088 1 of Hertz which discloses: 

Certainly in such an event, autonomously implemented counter 
measures may also be performed if appropriate as a defensive or 
evasive action or deterrent, e.g., if a pass code was inadvertently 
sent out (and it was not blocked by the system) the pass code could 
be automatically changed or temporarily frozen or if a personal 
bank account or credit card number were sent out in a suspected 
inappropriate context (again assuming it was not blocked at the 
source by the system), the account could be automatically 
temporarily frozen and the number changed or (for example) the 
account automatically set up as a honey pot trap to acquire just 
enough information about who the suspect entity is in order to 
catch him in an inappropriate act of fraud or deception. 

However, although disclosing measures taken when a password or other sensitive 
information has leaked and a honey pot trap to acquire information about a suspected entity, 
paragraph [0088] does not disclose responding with marked data or other elements in claim 



14. Nor would have been obvious to combine the Sweetchillisauce reference with the Herz 
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reference, insofar as there is no motivation or reason for Kris Kingle to detect, prevent, and 
repair network intrusions. 



In the Office Action, the Examiner rejected claim 17 under 35 U.S.C. § 103(a), as 
being unpatentable over Sweetchillisauce in view of Shraim, in further view of U.S. Pat. No. 
6,330,672 (Shur). Applicant respectfully traverses the rejection for at least the reasons that 
follow. 

Primarily, Shur can not cure the deficiencies of Sweetchillisauce and Sbhraim, 
discussed above with respect to claim 1. Accordingly, claim 17 which depends from allowable 
base claim 1 is allowable over the combination of Sweetchillisauce and Shur. 

In addition, Shur is directed to protecting copyright protected work. As disclosed by 
Shur, a digital watermark is inserted in accordance with a key that is indicative of the location 
of the mark in a digitally encoded signal. To find the element of "marking a response using a 
cryptographic algorithm, such that the marking is detectable only with a suitable 
cryptographic key", the Examiner pointed to Shur, col. 3, lines 40-67. However, there would 
have been no reason for one of ordinary skill in the art to combine the correspondence of Kris 
Kringle from the Sweetchillisauce reference with the copyright marking of the Shur reference. 
Accordingly, claim 17 is allowable over the combination of Sweetchillisauce, Shraim, and 
Shur. 



In the Office Action, the Examiner rejected claims 19-23, and 32-34 under 35 U.S.C. 
§ 103(a), as being unpatentable over Sweetchillisauce in view of Shraim, in further view of 
AAPA. Applicant respectfully traverses the rejection for at least the reasons that follow. 
First, as discussed above, the provisional application provides support for at least claims 19, 
23, 32, and 33. Accordingly, the Shraim reference is not prior art with respect to these claims. 
Moreover, the Shraim reference does not disclose the elements of claims 20-22 and 34. 

With respect to claim 20, nothing in Shraim discloses or renders obvious that "filling 
in the web-form comprises transmitting information at a speed designed to mimic a human 
entering data." 
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With respect to claim 21, nothing in Shraim discloses or renders obvious "setting the 
timing of the contacting to resemble that of a set of unrelated users." 

With respect to claim 22, nothing in Shraim discloses or renders obvious "setting the 
timing of the contacting to resemble that of a set of unrelated users." 

With respect to claim 34, nothing in Shraim discloses or renders obvious that "entering 
the data comprises transmitting information at a speed designed to mimic a human entering 
data." 

In any event, with respect to claims 20-22 and 34, there would have been no reason to 
combine the Sweetchillisauce reference with the disclosures of Shraim or AAPA. 

Accordingly, claims 19-23 and 32-34 are allowable over Sweetchillisauce in view of 
Shraim, in further view of AAPA. 
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Conclusion 



In view of the foregoing amendments and remarks, Applicants assert that the pending 
claims are allowable. Their favorable reconsideration and allowance is respectfully requested. 

Should the Examiner have any question or comment as to the form, content or entry of 
this Amendment, the Examiner is requested to contact the undersigned at the telephone 
number below. Similarly, if there are any further issues yet to be resolved to advance the 
prosecution of this application to issue, the Examiner is requested to telephone the 
undersigned counsel. 

Please charge any fees associated with this paper to deposit account No. 50-3355. 



Dated: September 12, 2011 

Pearl Cohen Zedek Latzer, LLP 

1500 Broadway, 12th Floor 
New York, New York 10036 
Tel: (646) 878-0800 
Fax: (646) 878-0801 



Respectfully submitted, 




Attorney/Agent for Applicants 
Registration No. 60,234 



